How to install and configure Rudolf's Radiusd
What you need
- Linux-Machine (or another unix-like machine and nerves to port it)
- The g++-Compiler (2.7.2 or 2.7.2.1) (or another C++ Compiler and nerves ....)
- the BerkleyDB (see http://www.sleepycat.com/db/)
- the gdbm-Library (or you have to build in another library)
- My library rlib
Configuration
Chose a directory-Structure
I prefer a dirctory-Structure after the package-Concept from Dr. Turowski.
After this, you had all the things in a Directory-tree:
/local/radius its the main-directory
/local/radius/bin the place where the binaries are
/local/radius/src the place of the sources
/local/radius/db here are the Configuration files for authorisation
and the Userfile
/local/radius/acct here are the configurationfile and the logfile from Accounting.
Perhaps you will decide to have an static- and dynamic-Part. Or, you
may have clients and server, where the server have the radiusd and the
dynamic files and the clients can use the Client-tools.
The tar file begin with the relative path radius. You can unpack
it via tar -zxvf radius-0.6.tgz in the Directory you want.
What you may have to edit
- make.conf for the path of my library and for the Path of the
binary and for the Compilerflags
- It's no fault to look in the Makefiles in the subdirectories.
- conf.h for machine-Dependend things
- config.h for the Directory-Structure and for the default-
Radiushost for the Clients
Build it
There are 2 Parts: The radiusd itself and the clients.
To build the server, there are compiletime-Arguments for the Makefile:
- DEF=-DSINGLE
- Make a single-threaded radiusd
- WITH_CACHING=1
- Includes the caching Realm
- WITH_ADABAS_REALM=1
- Includes the ADABAS Realm
To build it, type make server Compiletime arguments
and then make install-servers.
Example:
cd /local/radius/src
make server WITH_CACHING=1
make install-servers
To build the the clients:
make theclients
make install-clients
For working purpose each subdir can build seperately. But some subdirs
depend on others.
Installing the ppp-2.2.0f-Patch
- fetch the sources from ppp-2.2.0f
- unpack the sources
- cd $pppsourcedit
- patch < ppp-2.2.0f-radius
- Edit the Makefile to your needs
- make RADIUS=1
Changes in the system
You have to add the following lines in vor /etc/services:
radius 1645/udp radiusd
radacct 1646/udp radiusd-accounting
Security-Conciderations
We use the Unix-Rights to protect the Tools.
- Only the Superuser and his friends (a special user group) can access
the Configurationfiles like clients)
- Only the Superuser and his friends are alload to user the Client tools.
The Clienttools are in this state only for testing purpose.
Another idea is that the Caller hat to type in the secret too.
It will be easy to change it.
Rudolf Weber
Informatik- und Netzwerkverein Ravensburg e.V